New System Detects and Alerts to Automobile Cyber Attacks

COLUMBUS, OH--(Marketwired - November 19, 2014) - A new Network Enforcement Module (NEM™) designed by Battelle to detect cybersecurity threats in today's increasingly connected vehicles has successfully completed field trials with several automakers and is now ready for commercialization.

The dramatic increase in automotive internet connectivity to other devices and the Internet provides more entry points to the vehicle's electronic systems and hackers have taken notice. Vehicles today can have as many as 100 microprocessor-based Electronic Control Units (ECUs) networked together to coordinate and control critical systems such as air bags, infotainment, active cruise, park assist and active steering.

Automakers realize that it is not enough to simply identify these interfaces and apply traditional protection mechanisms like access control. Modern cars have more 100 million lines of code, making it impossible to completely eliminate bugs and vulnerabilities.

"The first step in protection is detection -- you can't protect the car and passengers from emerging threats if you don't have a system that detects the threat," said Anuja Sonalker, Ph.D., lead scientist and program manager at Battelle. "Our field tests show that NEM can detect even the most sophisticated threats. It is one of the most promising technologies in the automotive cyber security market."

NEM is a platform-agnostic anomaly detection system that can be integrated quickly into automobiles as a critical component of defending against intrusions into the vehicle and subversion of any onboard ECU or computer system. Because it relies on machine-learning to identify new threats, NEM does not require constant updates like the signature-based threat-detection systems used in laptops.

Once NEM detects an anomaly, it can alert the driver, the automotive company or law enforcement to intervene, depending on the level of the threat and policies developed by the automaker, Sonalker said.

Battelle has been working with leading automotive companies to test NEM for more than two years. The world's largest nonprofit research and development organization and a trusted leader in national security, Battelle has unparalleled experience in cybersecurity, providing risk analysis, threat assessment and detection, countermeasures and other security services to federal agencies and financial services companies. Battelle's work in automotive technology includes contributions to the development of anti-lock brakes and cruise control, as well as crash safety and collision avoidance programs with the U.S. Department of Transportation.

The NEM field tests included taking a variety of vehicles from several different manufacturers outfitted with NEM on the open road to measure "false positives," as well as introducing actual cyber threats to the vehicles on controlled test tracks to detect "false negatives." When it came to detecting false positives, NEM performed flawlessly, achieving the gold standard 6 Sigma, while NEM's ability to detect actual cyber threats introduced to vehicles is 5 Sigma, the best in the industry.

Battelle's commercialization team is now working with interested parties on licensing agreements and with automotive companies on integration of the NEM into proprietary vehicle security systems. The company expects the system to be in use as early as the 2018 model year.

About Battelle

Every day, the people of Battelle apply science and technology to solving what matters most. At major technology centers and national laboratories around the world, Battelle conducts research and development, designs and manufactures products, and delivers critical services for government and commercial customers. Headquartered in Columbus, Ohio since its founding in 1929, Battelle serves the national security, health and life sciences, and energy and environmental industries. For more information, visit www.battelle.org.